Date: Sun, 29 Feb 2004 22:35:41 +0200 From: Vlad Galu <dudu@diaspar.rdsnet.ro> To: freebsd-security@freebsd.org Subject: Re: procfs + chmod = no go Message-ID: <20040229223541.72d6a26f.dudu@diaspar.rdsnet.ro> In-Reply-To: <1298.213.224.103.192.1078085673.squirrel@webmail.boxke.be> References: <1298.213.224.103.192.1078085673.squirrel@webmail.boxke.be>
next in thread | previous in thread | raw e-mail | index | archive | help
--Signature=_Sun__29_Feb_2004_22_35_41_+0200_5YpzARycRi+xoY=+ Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 7bit "Jimmy Scott" <admin@inet-solutions.be> writes: |Hello, | |I was wondering if it was possible to limit user access on /proc |without having to use securelevels. |For some reason chmod 751 /proc (or 750) does nothing. | |Is this possible on FreeBSD 4.9 ? Can't find anything about it in the |manual pages. Just want to prevent lusers from running: | |for file in /proc/*/cmdline; do cat $file; echo; done I usually mount procfs in a directory where only 'power-users' have access to. Then symlink /proc to that dir, so the apps that possibly need procfs and are being run by one of the power-users work. | | |Greetz, | | |Jimmy Scott |_______________________________________________ |freebsd-security@freebsd.org mailing list |http://lists.freebsd.org/mailman/listinfo/freebsd-security |To unsubscribe, send any mail to |"freebsd-security-unsubscribe@freebsd.org" | | |!DSPAM:40424861309032038777972! | | ---- If it's there, and you can see it, it's real. If it's not there, and you can see it, it's virtual. If it's there, and you can't see it, it's transparent. If it's not there, and you can't see it, you erased it. --Signature=_Sun__29_Feb_2004_22_35_41_+0200_5YpzARycRi+xoY=+ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAQk0eP5WtpVOrzpcRAhNCAJ4w5+5TR+gc/MWqKJW/m4Nolq+nQwCfSv/u 1gxZFk6GF/VTUQ3r40Tj2Og= =9qFD -----END PGP SIGNATURE----- --Signature=_Sun__29_Feb_2004_22_35_41_+0200_5YpzARycRi+xoY=+--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040229223541.72d6a26f.dudu>